<?php
/**
 * Created by openXtiger.org.
 * User: xtiger
 * Date: 2009-6-17
 * Time: 20:26:23
 */
function x_index_execute() {
    session_start();
    if(!empty($_SESSION['passport_detail'])) {
        return xtr_redirect('','/'); 
    }
    px_setSeccodeinit(md5('XTrand2009625'.$_SERVER['HTTP_USER_AGENT'].xt_getip()));
    return 'login';
}
function x_index_login() {
    session_start();
    $username = xt_pget('admin_username');
    $password = xt_pget('admin_password');
    $m = xt_load('model','passportmodel');
    $r = NULL;

    $authkey = md5('XTrand2009625'.$_SERVER['HTTP_USER_AGENT'].xt_getip());

    $seccodehidden = urldecode(xt_pget('seccodehidden'));
    $seccode = strtoupper(xt_pget('seccode'));
    $seccodehidden = xt_authcode($seccodehidden, 'DECODE', $authkey);
    $seccodehidden = xt_seccodeconvert($seccodehidden);

    if(empty($seccodehidden) || $seccodehidden != $seccode){
        xt_set('msg','incorrect_code');
        px_setSeccodeinit($authkey);
        return 'login';    
    }
    
    if(empty($username) || empty($password) || !($r = $m('mlogin',$username,$password))) {
        px_setSeccodeinit($authkey);
        xt_set('admin_username',$username);
        xt_set('msg','login_incorrect');
        return 'login';
    }
    
    $_SESSION['passport_detail'] = array('userid'=>$username,'role'=>$r['roles'],'onlineip'=>$onlineip);
    return xtr_redirect();
}
function x_index_logout() {
    session_start();
    unset($_SESSION['passport_detail']);
    return xtr_message('loginout_success','','/x');
}

function px_setSeccodeinit($authkey){
    $rand = rand(100000, 999999);
    $seccodeinit = rawurlencode(xt_authcode($rand, 'ENCODE', $authkey, 180));
    xt_set('seccodeinit',$seccodeinit);
}
?>